558d693f1fdfb24121c35daf08e7bf30ec25a949ed4c14ec9a5ce66862c4370f

Sharing

Copy URL

Twitter E-mail

General

Target

558d693f1fdfb24121c35daf08e7bf30ec25a949ed4c14ec9a5ce66862c4370f
Size

172KB
MD5

91599f5eab69254b046bf1f753be8db5
SHA1

35c024ee3eb23ad41af574711c70967a073ffc9d
SHA256

558d693f1fdfb24121c35daf08e7bf30ec25a949ed4c14ec9a5ce66862c4370f
SHA512

900030cc0eac43500212a780454c219127b836804c7915cd964f635eaa6efe2236f5c012027468453e42853bbe61d66dc31f84135ddc5f778952708cca1f5155
SSDEEP

3072:W0Ij5e3EFG31khGwGc4QHeOCSuD6dcQqr9paVRY5wbVlRpVoRVfu2NAbhKgVd:UtyEFy1bsCV6dcJ9neenu2NAbhL

Score

N/A

Malware Config

Signatures

Files

558d693f1fdfb24121c35daf08e7bf30ec25a949ed4c14ec9a5ce66862c4370f
.exe windows x86

9850b7ed15a81a2d8ea29b87487d0b1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LsaNtStatusToWinError
NotifyBootConfigStatus
RegCloseKey
RegDeleteKeyW
RegEnumValueW
RegOpenCurrentUser
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW

oleaut32

SafeArrayGetLBound
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayUnlock
SysAllocStringLen
SysFreeString
SysStringLen
VarCyMul
VariantChangeType
VariantClear
VariantInit
SafeArrayCreate

shlwapi

PathFindFileNameW

rpcrt4

RpcServerUseProtseqEpW
NdrServerCall2
RpcAsyncRegisterInfo
RpcMgmtStopServerListening
RpcMgmtWaitServerListen
RpcServerRegisterIfEx
RpcServerUnregisterIf

shell32

SHCreateDirectoryExW
SHFreeNameMappings
SHGetDesktopFolder
SHAddToRecentDocs

kernel32

_llseek
WriteFileEx
WriteFile
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
WaitForSingleObject
VirtualProtect
VirtualFree
VirtualAlloc
UnmapViewOfFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
SystemTimeToTzSpecificLocalTime
Sleep
SizeofResource
SignalObjectAndWait
SetStdHandle
SetProcessShutdownParameters
SetFilePointer
SetCurrentDirectoryW
RtlUnwind
ResumeThread
ResetEvent
CloseHandle
CreateDirectoryW
CreateEventA
CreateFileA
CreateFileW
CreateThread
DeleteFileW
DeviceIoControl
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FindNextFileW
FlushConsoleInputBuffer
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommState
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsA
GetExitCodeThread
GetFileAttributesW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessTimes
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
GlobalHandle
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedExchange
IsDebuggerPresent
IsValidLocale
LCMapStringA
LeaveCriticalSection
LocalFree
MapViewOfFile
Module32FirstW
MoveFileW
OpenProcess
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryW

ole32

CoInitialize
CoCreateInstance
CoInitializeEx

user32

GetMessageW
PostQuitMessage
SetTimer

setupapi

SetupUninstallOEMInfW
SetupDiEnumDeviceInfo
SetupDiEnumDriverInfoW
SetupDiGetClassDevsW
SetupDiGetDeviceInstallParamsW
SetupGetStringFieldW
SetupGetFieldCount
SetupDiSetDeviceInstallParamsW
SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsW
SetupDiOpenDeviceInfoW
SetupDiOpenDevRegKey
SetupDiOpenClassRegKey
SetupDiGetSelectedDriverW
CM_Add_Empty_Log_Conf_Ex
CM_Free_Log_Conf_Ex
CM_Get_DevNode_Status
CM_Get_Device_IDW
SetupDiBuildDriverInfoList
SetupDiCallClassInstaller
SetupDiCreateDeviceInfoList
SetupDiDeleteDeviceInfo
SetupDiGetDeviceRegistryPropertyW

Exports

Exports

HrEtreamSeekBegin
HrGetBodyElement
HrIStreamWToBSTR
RetrieveColumns
Swap

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 362B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9850b7ed15a81a2d8ea29b87487d0b1a

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

oleaut32

shlwapi

rpcrt4

shell32

kernel32

ole32

user32

setupapi

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 97KB - Virtual size: 97KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 512B - Virtual size: 362B

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 97KB - Virtual size: 97KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 512B - Virtual size: 362B